!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

698 Members
Coordination and triage of security issues in nixpkgs213 Servers

Load older messages

SenderMessageTime
27 Nov 2024
@stigo:matrix.orgstigo changed their display name from stigo to stigo (away).20:49:37
28 Nov 2024
@denkn:denkn.atDenKn changed their display name from DenKn to 𝔇𝔢𝔫𝔎𝔫.10:54:07
@shawn8901:matrix.orgshawn8901 left the room.18:48:42
@shawn8901:matrix.orgshawn8901 joined the room.18:54:10
@Minijackson:matrix.orgMinijacksonRedacted or Malformed Event23:19:46
29 Nov 2024
@lassulus:lassul.uslassulus changed their profile picture.18:30:20
1 Dec 2024
@shawn8901:matrix.orgshawn8901 left the room.00:08:10
@shawn8901:matrix.orgshawn8901 joined the room.00:11:08
@maralorn:maralorn.demaralorn left the room.09:24:14
2 Dec 2024
@pyrox:pyrox.devdish [Fox/It/She] changed their profile picture.19:59:17
3 Dec 2024
@stigo:matrix.orgstigo changed their display name from stigo (away) to stigo.00:52:02
@getchoo:matrix.orggetchoo changed their profile picture.06:06:26
@fernsehmuell:matrix.orgfernsehmuell (☎️ 3376 he/him) joined the room.15:20:58
@fernsehmuell:matrix.orgfernsehmuell (☎️ 3376 he/him)Hello, everyone. I just stumbled about this: https://discuss.rubyonrails.org/t/rails-html-sanitizer-v1-6-1-addresses-multiple-cves/88092 Gitlab, Redmine, Zammad, Mastodon, Discourse and metasploit use that gem.15:23:43
@teutat3s:pub.solarteutat3shttps://github.com/element-hq/synapse/releases/tag/v1.120.216:56:21
6 Dec 2024
@cafkafk:fem.ggcafkafk changed their profile picture.03:43:51
@ahurac:chat.ahur.acAhurac joined the room.12:30:28
@scrumplex:duckhub.ioScrumplexhigh Python vulnerability 👀 https://www.cve.org/CVERecord?id=CVE-2024-12254 https://github.com/python/cpython/pull/12765617:41:18
@scrumplex:duckhub.ioScrumplexRelevant patch for 3.12: https://github.com/python/cpython/commit/9aa0deb2eef2655a1029ba228527b152353135b517:42:26
@hexa:lossy.networkhexameh17:42:35
@scrumplex:duckhub.ioScrumplexyeah not sure why this is over 817:42:43
@magic_rb:matrix.redalder.org@magic_rb:matrix.redalder.org(i was expecting worse)17:42:45
@scrumplex:duckhub.ioScrumplex * yeah not sure why this has a score over 817:42:55
@magic_rb:matrix.redalder.org@magic_rb:matrix.redalder.org * (i was expecting worse, great SNR)17:43:04
@hexa:lossy.networkhexabdraco++17:43:15
@hexa:lossy.networkhexa https://github.com/NixOS/nixpkgs/pull/362523 18:13:05
@robert:funklause.dedotlambdahttps://github.com/Kludex/python-multipart/security/advisories/GHSA-59g5-xgcq-4qw3 fixed in https://github.com/NixOS/nixpkgs/pull/36255820:53:24
8 Dec 2024
@shawn8901:matrix.orgshawn8901 set a profile picture.19:21:34
9 Dec 2024
@tomodachi94:matrix.orgTomodachi94 (they/them)https://matrix.to/#/#dev:nixos.org/$1QE9j5UPzFb-qL02MAvSbSzX-0UspFEc5FBEtqH8y8s23:33:10
@tomodachi94:matrix.orgTomodachi94 (they/them)
This Matomo update has a "high impact security fix" that came out more than two months ago: > https://github.com/NixOS/nixpkgs/pull/363621
23:33:27

Show newer messages

Back to Room ListRoom Version: 6